<?php
/*
author Daryl Hop Yek

This program is based on the free software from http://www.phpwhois.org  by David Saez and can be redistribute and
modify it under the terms of the GNU General Public License
 */
 session_start();
 ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Pshark</title>
<link href="mainstyles.css" rel="stylesheet" type="text/css" />
</head>

<body>
<a href="index.php"><img src="shark.gif" width="229" height="180" alt="Pshark Icon" style="float:left ; margin-right: 15px; margin-bottom: 15px" /></a>
<h1>Pshark</h1>
<h2>A Proactive Approach to Preventing Phishing Attacks</h2>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<p>&nbsp;</p>
<?php
//header('Content-Type: text/html; charset=UTF-8');
include 'header.php';
if ($_SESSION['userType'] =="admin")
{
	echo "<a href=\"memberlist.php\"><img src=\"memberlist.png\" width=\"80\" height=\"33\" alt=\"Member's List\" /></a> \t <a href=\"list.php\"><img src=\"list.png\" width=\"80\" height=\"33\" alt=\"Phishing Data\" /></a>";
}

$out =  implode('', file('domain.html'));



$out = str_replace('{self}', $_SERVER['PHP_SELF'], $out);

$resout = extract_block($out, 'results');

if (isSet($_GET['query']))
	{
	$query = $_GET['query'];
	
	if (!empty($_GET['output']))
		$output = $_GET['output'];
	else
		$output = '';
		
	include_once('whois.main.php');
	include_once('whois.utils.php');
	
	$whois = new Whois();
	
	// Set to true if you want to allow proxy requests
	$allowproxy = false;
	
 	// uncomment the following line to get faster but less acurate results
 	// $whois->deep_whois = false;
 	
 	// To use special whois servers (see README)	
	//$whois->UseServer('uk','whois.nic.uk:1043?{hname} {ip} {query}');
	//$whois->UseServer('au','whois-check.ausregistry.net.au');
	
	// uncomment the following line to add support for non ICANN tld's
	// $whois->non_icann = true;
	
	$result = $whois->Lookup($query);
	
	
	$resout = str_replace('{query}', $query, $resout);
	$winfo = '';

	switch ($output)
		{
		case 'object':
			if ($whois->Query['status'] < 0)
				{
				$winfo = implode($whois->Query['errstr'],"\n<br></br>");
				}
			else
				{
				$utils = new utils;
				$winfo = $utils->showObject($result);
				}
			break;
			
		case 'nice':			
			if (!empty($result['rawdata']))
				{
				$utils = new utils;
				$winfo = $utils->showHTML($result);
				}
			else
				{
				if (isset($whois->Query['errstr']))
					$winfo = implode($whois->Query['errstr'],"\n<br></br>");
				else
					$winfo = 'Unexpected error';
				}       
			break;

		case 'proxy':
			if ($allowproxy)
				exit(serialize($result));
			
		default:
			if(!empty($result['rawdata']))
				{
				$winfo .= '<pre>'.implode($result['rawdata'],"\n").'</pre>';
				}
			else
				{
				$winfo = implode($whois->Query['errstr'],"\n<br></br>");
				}       
		}
	
	//$winfo = utf8_encode($winfo);
	if ($_SESSION['userType'] =="admin")
{
	$findme = '<a href="mailto:';
	$findme1 ='</a>';
	$pos = stripos($winfo, $findme);
	$length = strlen ($winfo);
	$end = intval($length) - intval($pos) - 100; 
	$start = intval($pos); 
	$rest = substr($winfo, $start, -$end); 
	$pos1 = stripos($rest, $findme1);
	$length1 = strlen ($rest);
	$end1 = intval($length1) - intval($pos1) - 4;
	$rest1 = substr($rest, 0, -$end1); 
	$date1 = date("d.m.Y");
	//$domain = strstr($winfo, '@');
	// needs email server to be on the same server which PHP is running. The following is a email test.
	$to = $rest1;
	$subject = 'Phishing page';
	$body = "<br /><br />Hello Admin, <br />  We have found what we believe is a Phishing page located on your server on the following link. <br />'" 
	. $query ."'." ;
	$headers = "From: dhopyek@gmail.com\r\n";
	$headers .= "Cc: jarrod.trevathan@jcu.edu.au";
	$mail = mail ($to, $subject, $body, $headers);
	if ($pos == '')
	{$message = "For registrator contact email refer to the site listed above.";} 
		else
		{
	 if($mail) 
 {$message = 'Message successfully sent to hosting server admin of phishing page!';} 
 else 
{$message = "Message delivery failed to be sent to hosting server. The computer on which PHP is running does not have a  working mail server.  Please use the local computer email client and email: ". $rest1 . 
". <br /> <br /> Copy and paste the following text into the body of the email: " 
. $body;} 
 
$sql = "INSERT INTO RECORD (URL,  DATEENTER) VALUES ('$query', '$date1')";
	 //echo $sql; 
	 	//print '<br />';
		if ($dbh->exec($sql))
			{echo '<br />';
			echo "Done";
			}
		//else
		//	echo "Failed";
		//echo "<br />";
		
	//$test = '<a href="mailto:daryl.hopyek@.myjcu.edu.au">daryl.hopyek@jcu.edu.au</a>';
}
	
	$resout = str_replace('{result}', $winfo, $resout) . $message;
	
}
else
{
	$resout = str_replace('{result}', $winfo, $resout);
}
	
	}
else
	$resout = '';
	
echo str_replace('{results}', $resout, $out);

//-------------------------------------------------------------------------

function extract_block (&$plantilla,$mark,$retmark='')
{
$start = strpos($plantilla,'<!--'.$mark.'-->');
$final = strpos($plantilla,'<!--/'.$mark.'-->');

if ($start === false || $final === false) return;

$ini = $start+7+strlen($mark);

$ret=substr($plantilla,$ini,$final-$ini);

$final+=8+strlen($mark);

if ($retmark===false)
	$plantilla=substr($plantilla,0,$start).substr($plantilla,$final);
else	
	{
	if ($retmark=='') $retmark=$mark;
	$plantilla=substr($plantilla,0,$start).'{'.$retmark.'}'.substr($plantilla,$final);
	}
	
return $ret;
}
?>
</body>
</html>